MGASA-2013-0057

Date:

February 17th, 2013

Affected releases:

2

Media:

Core

Description:
Updated dbus-glib packages fix security vulnerability:

A privilege escalation flaw was found in the way dbus-glib, the D-Bus
add-on library to integrate the standard D-Bus library with the GLib
thread abstraction and main loop, performed filtering of the message
sender (message source subject), when the NameOwnerChanged signal was
received. A local attacker could use this flaw to escalate their
privileges (CVE-2013-0292).